Hi all,
it seems I can't log in with my LDAP Authentication Manager, since it seems
DefaultAuthenticationManager is the only Authentication Manager
configured...
WHO: myuser
WHAT: [UsernamePasswordCredential(username=myuser, source=null, customFields={})]
ACTION: AUTHENTICATION_FAILED
APPLICATION: CAS
WHEN: Tue Nov 29 17:34:46 CET 2022
CLIENT IP ADDRESS: 0:0:0:0:0:0:0:1
SERVER IP ADDRESS: 0:0:0:0:0:0:0:1
=============================================================
>
2022-11-29 17:34:46,726 DEBUG [org.springframework.boot.actuate.audit.listener.AuditListener] - <AuditEvent [timestamp=2022-11-29T16:34:46.726185500Z, principal=myuser, type=AUTHENTICATION_FAILED, data={CAS=null, Tue Nov 29 17:34:46 CET 2022=null, 0:0:0:0:0:0:0:1=null, [UsernamePasswordCredential(username=myuser, source=null, customFields={})]}]>
2022-11-29 17:34:46,726 DEBUG [org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver] - <0 errors, 0 successes>
org.apereo.cas.authentication.AuthenticationException: 0 errors, 0 successes
    at org.apereo.cas.authentication.DefaultAuthenticationManager.evaluateFinalAuthentication(DefaultAuthenticationManager.java:339) ~[cas-server-core-authentication-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
    at org.apereo.cas.authentication.DefaultAuthenticationManager.authenticateInternal(DefaultAuthenticationManager.java:317) ~[cas-server-core-authentication-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
    at org.apereo.cas.authentication.DefaultAuthenticationManager.authenticate(DefaultAuthenticationManager.java:69) ~[cas-server-core-authentication-api-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) ~[?:?]
    at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
    at java.lang.reflect.Method.invoke(Method.java:568) ~[?:?]
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344) ~[spring-aop-5.3.24.jar:5.3.24]
    at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:198) ~[spring-aop-5.3.24.jar:5.3.24]
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) ~[spring-aop-5.3.24.jar:5.3.24]
    at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:89) ~[spring-aop-5.3.24.jar:5.3.24]
    at org.apereo.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:178) ~[inspektr-audit-1.8.20.GA.jar:?]
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
My config is the following:
##
# my Config
#
cas.log.level=trace
spring.security.log.level=trace
spring.webflow.log.level=trace
ldap.log.level=trace
pac4j.log.level=trace
opensaml.log.level=trace
hazelcast.log.level=trace
log.include.location=trace
#cas.authn.accept.enabled=false
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldap-url=ldap://mydomain
cas.authn.ldap[0].base-dn=OU=dom1,DC=dom2,DC=lan
cas.authn.ldap[0].search-filter=(sAMAccountName={user})
cas.authn.ldap[0].bind-dn=myuser@mydomain
cas.authn.ldap[0].bind-credential=mypassword
cas.authn.ldap[0].max-pool-size=5
cas.authn.ldap[0].min-pool-size=0
cas.authn.ldap[0].subtree-search=true
cas.authn.ldap[0].use-start-tls=false
cas.authn.ldap[0].trust-store=JKS
cas.authn.ldap[0].trust-store-password=changeit
cas.authn.ldap[0].trust-store-type=JKS
cas.authn.ldap[0].hostname-verifier=ANY
logging.level.org.springframework.boot.autoconfigure=ERROR
cas.standalone.configuration-directory=../../etc/cas/config
cas.service-registry.ldap.ldap-url=ldap://mydomain
cas.webflow.crypto.encryption.key=key1
cas.tgc.crypto.encryption.key=key2
cas.tgc.crypto.signing.key=key3
#cas.authn.attribute-repository.ldap[0].order=1
cas.authn.attribute-repository.ldap[0].base-dn=OU=dom1,DC=dom2,DC=lan
cas.authn.attribute-repository.ldap[0].bind-dn=myuser@mydomain
cas.authn.attribute-repository.ldap[0].bind-credential=mypassword
cas.authn.attribute-repository.ldap[0].ldap-url=ldap://mydomain:389
cas.authn.attribute-repository.ldap[0].search-filter=(sAMAccountName={user})
#cas.authn.attribute-repository.ldap[0].type=AUTHENTICATED
cas.authn.attribute-repository.ldap[0].hostname-verifier=ANY
cas.authn.attribute-repository.ldap[0].pool-passivator=NONE
#cas.authn.attribute-repository.ldap[0].allow-multiple-principal-attribute-values=true
#cas.authn.attribute-repository.ldap[0].enhance-with-entry-resolver=true
#cas.authn.attribute-repository.ldap[0].principal-attribute-list=displayName,mail:email,memberOf
#cas.authn.attribute-repository.ldap[0].principal-dn-attribute-name=sAMAccountName
#cas.authn.attribute-repository.ldap[0].use-start-tls=false
#cas.authn.attribute-repository.ldap[0].password-encoder.type=NONE
#cas.authn.ldap[0].bind-dn=blahblahblah
cas.person-directory.attribute-resolution-enabled=true
cas.person-directory.active-attribute-repository-ids=ADAUTH
cas.person-directory.principal-attribute=sAMAccountName
cas.person-directory.return-null=false
cas.person-directory.principal-resolution-failure-fatal=true
cas.person-directory.use-existing-principal-id=false
cas.authn.attribute-repository.core.aggregation=CASCADE
cas.authn.attribute-repository.core.merger=MULTIVALUED
cas.authn.attribute-repository.core.default-attributes-to-release=ldap-dn
cas.authn.attribute-repository.ldap[0].id=ADAUTH
cas.authn.attribute-repository.ldap[0].order=0
cas.authn.attribute-repository.ldap[0].attributes.sAMAccountName=uid
cas.authn.attribute-repository.ldap[0].attributes.userAccountControl=user-account-control
cas.authn.attribute-repository.ldap[0].attributes.distinguishedName=ldap-dn
logging.level.org.apereo.cas=debug
logging.level.org.apereo.services.persondir=trace
logging.level.org.apereo.cas.persondir=trace
logging.level.org.apereo.cas.authentication.principal.cache=trace
I'm completely stuck, any help would be highly appreciated,
thanks a lot!
Stef
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/19e26d6d-7a1b-4ec0-957b-93ecdcc3a327n%40apereo.org.